Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.3	CVE-2026-8944	Plugin for Google Analytics by IO technologies <= 1.1 - Cross-Site Request Forgery via 'ga_id' Parameter_CVE-2026-8944 The Plugin for Google Analytics by IO technologies plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and includin...	engagementanalytics	Plugin for Google Analytics by IO technologies	Jun 30, 2026	CVE
MEDIUM 4.4	CVE-2026-12560	Editorial Rating <= 4.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Link URL' Field_CVE-2026-12560 The Editorial Rating – Product Review & Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'Link URL' Field in all...	wpqode	Editorial Rating – Product Review & Rating System	Jun 30, 2026	CVE
MEDIUM 6.5	9A0091F4-6679-	Exploit for CVE-2026-43700_9A0091F4-6679-565C-8F3F-7D6907959F22 CVE-2026-43700 WebKit WebGPU importExternalTexture cross-domain information leakage. Safari: Red/Green/Blue/White – Fixed issue = 26.5.2: PATCHED i...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
NONE	4AD76066-A087-	Stored-XSS-leading-to-Remote-Code-Execution-Vulnerability-in-gpu-jupyter-_4AD76066-A087-5285-97B9-4D3DEED95B77 Stored XSS leading to Remote Code Execution Vulnerability in gpu-jupyter A stored cross-site scripting XSS vulnerability leading to remote code exe...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
CRITICAL 9.9	54FD57FA-4F05-	Exploit for Prototype Pollution in N8N_54FD57FA-4F05-5BF3-A823-C8F345BE77D5 CVE-2026-44789 — n8n HTTP Request Node Pagination Prototype Pollution → RCE An authenticated n8n in the n8n server process through the HTTP Request...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
HIGH 7.5	CVE-2026-12243	Path Traversal via Percent-Encoding in nltk.data.find() and nltk.data.load()_CVE-2026-12243 NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue #3504. The `_UNSAFE_NO_PROTOCOL_RE` regex in ...	nltk	nltk/nltk unspecified	Jun 30, 2026	CVE
HIGH 8.4	CVE-2026-58302	CVE-2026-58302_CVE-2026-58302 rtapi_app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via d...	LinuxCNC	LinuxCNC	Jun 30, 2026	CVE
NONE	WIRED:9AB3DD2ED...	Meta Contractors Posed as Teens to Prompt Rival Chatbots About Suicide, Sex, and Drugs_WIRED:9AB3DD2ED75ACDEE876552BBEA9C220C Hundreds of contractors working on a project for Meta pretended to be kids in order to see how other chatbots like Gemini and ChatGPT would respond...	N/A	N/A	Jun 29, 2026	WIRED
CRITICAL 9.8	0E8262F5-24FF-	Exploit for Injection in Arjunsharda Searchor_0E8262F5-24FF-5B7F-A10A-2834068BE447 No description provided...	N/A	N/A	Jun 30, 2026	GITHUBEXPLOIT
MEDIUM 6.2	CVE-2026-10648	NULL-pointer dereference in MCUmgr serial/console SMP transport on buffer-pool exhaustion_CVE-2026-10648 mcumgr_serial_process_frag() in subsys/mgmt/mcumgr/transport/src/serial_util.c calls net_buf_reset() on the result of smp_packet_alloc() before che...	zephyrproject	zephyr 4.4.0	Jun 29, 2026	CVE